10 matches found
CVE-2022-29201
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments. In this case, references get bound to nullptr for each argument that is empty. Versions 2.9.0,...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29201 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29201 Source advisory:...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29201 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29201 Source advisory: OSV:GHSA-PQHM-4WVF-2JG8...
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29201 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29201 Source advisory: OSV:GHSA-PQHM-4WVF-2JG8...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4878 more potentially affected by CVE-2022-29201 via tensorflow (>=1.0.1 <=2.6.3)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-29201 Source advisory: OSV:GHSA-PQHM-4WVF-2JG8...
aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +39 more potentially affected by CVE-2022-29201 via tensorflow (>=2.7.0 <=2.7.1)
tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =1.2.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-29201 Source advisory: OSV:GHSA-PQHM-4WVF-2JG8...
CVE-2022-29201
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments. In this case, references get bound to nullptr for each argument that is empty. Versions 2.9.0,...
CVE-2022-29201 Missing validation in `QuantizedConv2D` results in undefined behavior in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments. In this case, references get bound to nullptr for each argument that is empty. Versions 2.9.0,...
CVE-2022-29201
TensorFlow CVE-2022-29201 concerns a missing input validation in tf.raw_ops.QuantizedConv2D that can bind references to nullptr when arguments are empty. Affected versions include 2.6.4, 2.7.2, 2.8.1, and 2.9.0. Patches exist in 2.9.0 and are cherrypicked to the older supported branches (2.8.1, 2...
CVE-2022-29201 Missing validation in `QuantizedConv2D` results in undefined behavior in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments. In this case, references get bound to nullptr for each argument that is empty. Versions 2.9.0,...